Privacy policy

Healthcare Communications Association Ltd. Privacy Policy

Information from you

This Privacy Policy explains the terms under which personal information is obtained from our members and non-members and stored by the Healthcare Communications Association Ltd. (HCA) under the new General Data Protection Regulation (GDPR) from the European Parliament that came into effect on 25 May 2018.

HCA will collect sufficient personal information from our members and non-member delegates in order to keep them informed of, and facilitate their participation in, events and any other activity undertaken by the HCA. This includes basic facts such as their name, address, title, contact details and historic participation and interest record, but may include personal or organisation financial information for use in invoicing and payments.

The lawful basis of the data processing is that in providing the data the individual (known as the ‘data subject’) are giving their explicit consent that collection of the data is necessary for the performance of a membership contract with HCA in respect of the products and services provided in accordance with our terms of business.

Information to or from other sources

We may share non-financial information with other third party sponsors of events or activity for which an individual attends or registers to participate. We may also share information with carefully selected suppliers who help us undertake our activity and communications but only if this is necessary for them to undertake their role and only with a privacy undertaking from them in line with this Privacy Policy. We may also have a legal obligation to provide information to government departments and regulatory bodies.

HCA is the controller and processor of the personal data members and non-members provide to us. Our registered office is Wyndmere House, Ashwell Road, Royston, Hertfordshire SG8 0NZ.

How we hold personal data

All the personal data we use is controlled by HCA in the United Kingdom. We have a data protection regime in place to oversee the effective and secure processing of their personal data.

All information at HCA is stored on secure servers. All our data transfers to and from authorised third party recipients have built in security features, including encryption, to best protect your personal data. Email communications cannot be secured in such a robust manner, although we do endeavour to supply confidential information in password protected files wherever possible.
Basic personal data will be kept for the lifetime of your membership with the HCA or as required to administer all aspects of the event or activity that have been opted into. Following the end of membership or the relevant activity, data will be held for a maximum of 24 months after which time it will be destroyed.

Important information

If at any point an individual believes information that we retain about them is incorrect, the individual can request to see this information and have it corrected and possibly deleted. The individual may also request that their data be transferred to another data controller in a machine-readable format. Providing members with their data information is free of charge, but charges may apply for excessive requests.
If an individual wishes to raise a complaint on how we have handled their personal data, they can write to our Compliance Officer at Healthcare Communications Association Ltd., Wyndmere House, Ashwell Road, Royston, Hertfordshire SG8 0NZ. Alternatively they can email romilly@hca-uk.org or telephone +44 (0) 1784 664 124.
If an individual is not satisfied with our response or believes we are not processing their data in accordance with the law, they can complain to the Information Commissioners Office (https://ico.org.uk/).

Where relevant, members have the right to withdraw their general and explicit consent at any time, however, without their consent, we will not be able to process the data they have provided.

If you no longer wish to receive communications from the HCA please unsubscribe below: